DOI: 10.1145/2799979.2799985
research-article

Simulation user behavior on a security testbed using user behavior states graph

Published: 08 September 2015

ABSTRACT

To test new network security methods or new security analytics algorithms, we need experimental environments as well as test data that are as similar as possible to real-world data. Researchers are therefore always looking for the best approaches and recommendations for creating and simulating testbeds, because automating testbed creation is a crucial goal for accelerating research progress. One way to generate data is to simulate user behavior on virtual machines, but the challenge is how to describe what we want to simulate.

In this paper, we present a new approach to describing user behavior for the simulation tool. This approach meets the requirements of simplicity and extensibility, and it can be used to generate user behavior scenarios and simulate them on Windows-family virtual machines. The proposed approach is applied to the simulation tool we developed, which we use to address the lack of data for research in network security and security analytics by generating log datasets that can be used to test new network security methods and new security analytics algorithms.

Published in

SIN '15: Proceedings of the 8th International Conference on Security of Information and Networks (ACM Other conferences)
September 2015
350 pages
ISBN: 9781450334532
DOI: 10.1145/2799979

            Copyright © 2015 ACM

            Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

            Publisher

            Association for Computing Machinery

            New York, NY, United States

            Acceptance Rates

SIN '15 Paper Acceptance Rate: 34 of 92 submissions, 37%. Overall Acceptance Rate: 102 of 289 submissions, 35%.
